Index
Note: Page numbers followed by b indicate boxes, f indicate figures and t indicate tables.
A
Academia and Industry associations,
77–78
AccessData Certified Examiner (ACE),
241–242
Act of war
Advanced Persistent Threat (APT),
28,
175–176
Air Operation Center (AOC),
40–41
American Registry for Internet Numbers (ARIN),
107,
108
Army doctrine
Assault, attack process
actual cyber warfare,
189
internal manipulation,
189
Assault tools
Attackers and sponsors,
171
Attack methodology
cracking passwords,
26–27
kinetic and non-kinetic warfare,
21–24
Attack process, CNA
Autonomous actors
Intrusion Prevention Systems (IPSs),
215
B
Battle Damage Assessment (BDA),
72
C
Canadian Cyber Incident Response Center (CCIRC),
94
Canadian Security Intelligence Service (CSISS),
94
Center for Asymmetric Threat Studies (CATS),
64
Center for Strategic and International Studies (CSIS),
64
Center of Academic Excellence (CAE),
86
Certified Computer Crime Investigator (CCCI),
241–242
Certified Computer Examiner (CCE),
241–242
Certified Digital Forensic Examiner (CDFE),
241–242
Certified Digital Media Collector (CDMC),
241–242
Certified Electronic Evidence Collection Specialist Certification (CEECS),
241–242
Certified Forensic Computer Examiner (CFCE),
241–242
Certified Information Systems Security Professional (CISSP®),
84
Chief Financial Officer (CFO),
38–39
Chief Information Officer (CIO)
security investment,
38–39
Close Air Support (CAS),
72
Commercial-off-the-shelf (COTS),
262,
287
Common Access Cards (CACs),
186
Communications Assistance to Law Enforcement Act (CALEA),
239
Communications Security Establishment Canada (CSEC),
94
Comprehensive National Cybersecurity Initiative (CNCI),
73
Computer Emergency Readiness Team (CERT),
287
Computer Emergency Response Team (CERT),
31
Computer Network Attack (CNA)
individual attackers,
181
reactive and proactive actions,
191
strategies and tactics,
192
Computer Network Defense (CND)
authentication, authorization and auditing,
196–197
conventional warfare,
193
data mining and pattern matching,
205
pure cyber attack sense and non-nation-state,
194
security awareness and training,
198–200
Computer Network Exploitation (CNE)
intelligence gathering activities,
169
sensitive information,
169
Computer Network Operations (CNO),
184,
267
Confidentiality, integrity and availability (CIA),
189,
195–196
Continuation of Operations Planning (COOP),
261–262
Control Objectives for Information and related Technology (COBIT),
238,
261
Corporations, non-state actors
regular criminal activities,
211–212
Counterinsurgency (COIN),
72–73
Counterintelligence (CI)
attackers and sponsors,
171
information gathered and activities,
165
Covert activity
attack, physical access controls,
150
eavesdropping, electromagnetic emissions,
149–150
vandalism/denial of service,
150
Crime Scene Investigation (CSI),
240
Criminal law
civil and tribunal laws,
233
Criminal organizations
Critical infrastructure and key resources (CIKR),
14–15
Critical Infrastructure Protection (CIP),
283
Cyber attacks
environments and monitoring,
200
intrusion detection and prevention,
201–202
surveillance, data mining and pattern matching,
201
vulnerability assessment and penetration testing,
202–203
Cyber Command (CYBERCOM),
10,
91,
287
Cybercrime,
Cyber doctrine
guidance and directives,
73–78
operations and exercises,
78–80
Cybersecurity challenges
situational awareness,
272
Cybersecurity issues
categorization and relationships, challenges,
259,
259f
challenges, complexity level,
258
Senior System Security Engineer,
258
Cyber Security Operations Centre (CSOC),
94,
95
Cyberspace battlefield
war-fighting domains,
41–45
Cyberspace challenges
computer network operations,
257–258
concise review and taxonomy,
258
the CTO’s office CyberAssure™ program,
257
national and international debate,
274
Cyber threatscape
attack methodology,
21–27
defenders and attackers, network,
20–21
F-35 Joint Strike Fighter program,
20
targeted capabilities,
33
Cyber warfare
America’s information dominance tools,
art of war,
battlefront,
biometric and nanotechnology,
285
CIP/SCADA vulnerabilities,
284
code word programs,
11–12
constant headlines,
corporate networks and cloud computing,
284–285
countries and non-nation state actors,
280–281
critical infrastructure, cyber attacks,
14–15,
15f,
280
Cyber Pearl Harbor and 9/11 attacks,
281
cyberspace, electronics and electromagnetic spectrum,
cyber strategy and power,
6–7
“Israeli Elite Strike Force”,
12–13
Law Enforcement Agencies,
285
long-term evolution and sudden paradigm shifts,
277
national leadership, the U.S.,
national level leaders,
286
National Military Strategy for Cyberspace Operations,
natural evolutionary trends,
282–283
NORTHCOM and CYBERCOM,
287
“Operation Israel”,
12–13
physical infrastructure,
280
pro-Palestinian attack tool,
12–13
Revolution in Military Affairs (RMA),
279
“social networking” activities,
284
Swordfish 2001,
tactical and operational reasons,
4–6
at 4th annual homeland security conference,
286
United Nations (UN),
Cyber warfare forces
cyber warfare arena,
90,
91f
Cyber warrior
experience and skills,
86–87
D
Defense Advanced Research Projects Agency (DARPA),
37,
287
Defense-in-depth
“Annualized Loss Expectancy”,
32
configuration management,
31
Internet Service Provider (ISP),
36–37
management, identity,
31–32
the Twitter Revolution,
37
Defense Information Systems Agency (DISA),
91
“Defense Reform 2020”,
68
Defense Security Command (DSC),
67–68
Defense Signals Directorate (DSD),
94
Demilitarized Zone (DMZ),
21
Democratic People’s Republic of Korea (DPRK),
93–94
Denial of Service (DoS),
190
Department of Defense (DoD)
Department of Homeland Security (DHS),
10,
73–75,
287
Development Centers and Defense Advanced Research Projects Agency (DARPA),
273
Digital forensics
computer devices and networks,
239–240
systematic gathering and analysis,
239–240
Digital Millennium Copyright Act (DMCA),
236
Diplomatic, Information, Military and Economic (DIME),
281
Director of Central Intelligence Directive (DCID),
261
Director of the National Security Agency (DIRNSA),
91
Disaster Recovery Planning (DRP),
203
Distributed Denial of Service (DDoS)
DOD Information Assurance Certification and Accreditation Process (DIACAP),
261
Domain Name Server (DNS)
Dynamic Host Configuration Protocol (DHCP),
126
E
Educational exercises,
80
Electromagnetic attacks
defense
vs. conventional attacks,
147–148
jamming technologies,
147
Electromagnetic pulse weapons (EMP),
146–147
Electronic Communications Privacy Act (ECPA),
239
Elicitation
conventional collection techniques,
164
EnCase Certified Examiner (ENCE),
84
Ethics
collateral damage issues,
255
the Geneva and Hague conventions,
255
governmental and civilian networks,
255
European Countries cyber doctrine,
68–70
Exfiltration tools
encryption and steganography,
125
Extensible Markup Language Remote Procedure Call (XML-RPC),
120–121
Extensible Messaging and Presence Protocol (XMPP),
188
F
Facility and equipment hardening process,
148–149
Fear Uncertainty and Doubt (FUD),
39
Federal Aviation Administration (FAA),
39
Federal Bureau of Investigation (FBI),
39
Federal Information Security Management Act (FISMA),
237–238
Federally Funded Research and Development Centers (FFRDCs),
212
Fielding systems
contract requirements,
50–51
IT acquisition process,
50
File Transfer Protocol (FTP),
188,
190
Foreign Intelligence Surveillance Act (FISA),
237
G
General Staff Department (GSD),
91–92
Geospatial intelligence (GEOINT),
GIAC Certified Forensic Analyst (GCFA),
241–242
GIAC Certified Penetration Tester (GPEN),
84
Global Information Assurance Certification (GIAC),
84
Global Information Grid (GIG),
The Google Hacking Database (GHDB),
106
Government Off the Shelf (GOTS),
262
Gramm Leach Bliley Act (GLB),
236
H
Health Insurance Portability and Accountability Act (HIPAA),
239
Homeland Security/Presidential Directives (HSPDs),
75–76
Human intelligence (HUMINT)
body language and personal representation,
162
operators/interrogators,
162
Hypertext Transfer Protocol (HTTP),
188
I
Identity management (IDM),
264,
272
Imagery intelligence (IMINT),
Individual actors
Personally Identifiable Information (PII),
208
Industrial control system (ICS),
140
Information Operations Condition (INFOCON),
62–63
Information Security Management System (ISMS),
238
Information Security Policy Council (ISPC),
94
Information Systems Audit and Control Association (ISACA),
84,
238,
261
Information Technology Infrastructure Library (ITIL),
238
Infrastructure process, hardware and software,
148
Intelligence Preparation of the Operational Environment (IPOE),
70–71
International Association for Computer Investigative Specialists (IACIS),
241–242
International law
International Trafficking in Arms Regulations (ITAR),
235
The Internet Corporation for Assigned Names and Numbers (ICANN),
263–264
Intrusion detection and prevention,
201–202
Intrusion Detection Systems (IDS),
184,
265
Intrusion Protection Systems (IPS),
265
Intrusion Response System (IRS),
218
Israel Defense Force (IDF),
93
J
Jamming technologies,
147
Joint doctrine
and multinational integration of forces,
56–57
Joint Munitions Effectiveness Manual (JMEM),
71
Joint Operational Access Concept (JOAC),
58
Justice after war
hold morally culpable individuals accountable,
254
seek a lasting peace,
254
Just war theory
K
Korea Information Security Agency (KISA),
93
Korea IT International Cooperation Agency (KIICA),
93
L
Law enforcement agencies (LEAs)
the United States act of war,
222
Law of armed conflict
the Geneva Conventions,
248
the right to wage war,
248
Law of Armed Conflict (LOAC)
conflict and customary international law,
227
international armed conflicts,
221
the United Nations (UN) Charter,
227
Legal systems
conflicts/wars categories,
221
congressional statutes,
239
the Department of Defense Cyberspace Policy Report,
224–228
deterrence/effective retaliation,
225
escalation, cyberwarfare,
225
foundational principles, geography,
231
intelligence-gathering function,
226
International Group of Experts,
222–223
Internet and typical transaction,
230
NATO Cooperative Cyber Defence Centre of Excellence,
222
President’s freedom, the United States,
224
the Principle of Neutrality,
230
public and commercial networks,
229
third-party sovereignty,
227
Logical attack systems
Logical weapons
broad categories, tools,
104
damage and disrupt systems,
135
M
Malaysian Administrative Modernisation and Management Planning Unit (MAMPU),
94
Malaysian Communications and Multimedia Commission (MCMC),
94
Measurement and signature intelligence (MASINT),
Measures of Effectiveness (MOEs),
72
Metadata
The Metasploit Project
Express and Metasploit Pro,
121–123
Military information support operations (MISO),
155
Ministry of National Defense (MND),
67–68
Ministry of Science, Technology and Innovation (MOSTI),
94
Mission Event Synchronization List (MESL),
80
Motivations, hackers,
48–49
Mutually Assured Destruction (MAD),
271
N
National Information Security Center (NISC),
67–68,
94
National Initiative for Cybersecurity Careers and Studies (NICCS),
287
National Initiative for Cybersecurity Education (NICE),
267,
287
National Internet Development Agency of Korea (NIDAK),
93
Nessus
Nmap
Non-state actors
activities, terrorist groups,
207
advantages, cyber warfare,
207
individual scale and smaller groups activity,
218
North Atlantic Treaty Organization (NATO),
10,
12,
222,
231
Northern Command (NORTHCOM),
287
O
Obfuscation tools
Offensive Security Certified Professional (OSCP),
84
Office of Cyber Security (OCS),
95
Open source intelligence (OSINT),
171–173
Open Vulnerability Assessment System (OpenVAS),
118
Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE),
238
Operational Security (OPSEC) techniques
Organizations, cybersecurity
CYBERCOM and services,
41
hierarchical authority structure,
40
P
Physical infrastructure,
37–38
Physical weapons
conventional explosives,
137
logical and physical realms,
138–140
Post Office Protocol (POP),
185–186
Privacy impact assessment (PIA),
237–238
Private/Mercenary Armies,
70
Proper conduct in war
Psychological Operations (PSY OPS)
R
Read Only Memory (ROM),
130
Reconnaissance process
Reconnaissance skill,
86,
99
Reconnaissance tools
websites and web servers,
105
The Regional Internet Registries (RIR),
107–108
Revolution in Military Affairs (RMA),
The Right to wage war
probability of success,
251
S
Sarbanes-Oxley Act (SOX),
236
Scanning tools
Science, Technology, Engineering and Mathematics (STEM),
267
Secretary General for National Defense (SGDN),
92–93
Security Operations Centers (SOC),
31
Signals intelligence (SIGINT),
Singapore Infocomm Technology Security Authority (SITSA),
93
Situational awareness and visualization,
269,
272
Social Engineering (SE)
Staff, cyber warfare
financial and emotional trauma,
98
Personally Identifiable Information (PII),
98
physical and logical sense,
99–100
recruitment, talented people,
97–98
rigorous and time-consuming training processes,
97
strategic and tactical knowledge,
100
the United States and China,
96–97
Stored Communications Act (SCA),
239
Strategic Command (STRATCOM),
91
Supervisory control and data acquisition (SCADA)
consequences, failures,
143
potential outright hardware damage,
131
utility systems, Ohio begin,
213
Supply chain
compromised hardware,
144
Surveillance, CNE
Sustainment tools
adding “authorized” access,
127
SysAdmin, Audit, Network and Security (SANS),
84
T
Tackling locks
defending
vs. covert attacks,
152–153
padlock/combination lock,
151
Technical intelligence (TECHINT),
Technical Reconnaissance Bureaus (TRB),
91–92
Terrorism, cyber
communications methods,
214
conventional terrorists,
212
intelligence agencies,
213
the United States, borders security,
213–214
virtual and physical world,
214
Traditional fighting forces
physical condition,
88–89
U
The Uniform Code of Military Justice (UCMJ),
236
The United States
Air Force cyber doctrine,
59–60
Army cyber doctrine,
61–62
cyber capabilities and plans,
225
Navy cyber doctrine,
60–61
The United States doctrine
offensive capabilities,
53–54
The United States laws
Computer Fraud and Abuse Act,
236
Cyber Security Enhancement Act,
236–237
incentivize industry,
233
National Defense Authorization Acts of 2006 and 2007,
236
National Guard and Coast Guard,
235
the Posse Comitatus Act,
235
the Radio Act of 1912,
236
standards to support cybersecurity,
238
Use of force
hold morally culpable individuals accountable,
254
probability of success,
251
unlawful cyber operations,
222
The U.S. Internal Revenue Service (IRS),
105
V
Voice over IP (VoIP),
176
W
Waging war, cyber era
reactive
vs. proactive,
183
small-scale skirmishes,
184
Warfare, ethics
War-fighting domains
Weapons of Mass Destruction (WMD),
X